An Instagram account-takeover wave exploited Meta's AI support bot at the password-reset gate. The lesson for law firms: authentication and ethical walls exist to refuse persuasion — exactly what agents are built to do well.
The attack surface isn't AI — it's the documents AI processes. Prompt injection in discovery, adversarial inputs delivered through Rule 34 productions, and the cybersecurity gaps firms create by piping untrusted content through LLM pipelines.
A practical walkthrough of Claude Cowork across the litigation lifecycle — organized around Projects for matters and Skills for recurring tasks — plus the privilege question every firm needs to answer first.
